There are many situations today in which a computing device, which may or may not communicate with other devices or entities, is used in a manner in which the device, or some portion or computing environment within the device, is “owned” by an individual, an organization or some other entity. By “owned,” we mean that the device, or some portion or computing environment within it, may have been authenticated with the entity and the entity may thereafter have taken some form of control over the device or some portion of it. One example of such a situation is in the wireless mobile communications industry, where a user of a wireless device, such as a mobile telephone, may subscribe to the services of a particular mobile communication network operator.
In the mobile communications industry today, wireless devices with which a user may subscribe to the services of a particular network operator typically include a Subscriber Identity Module (SIM) or Universal Integrated Circuit Card (UICC). The SIM/UICC provides a wireless device with a secure execution and storage environment from which to execute authentication algorithms and store credentials that enable the device to authenticate the device user's subscription with the network operator toward the network operator and allow the network operator to have some form of control, i.e., ownership, over the device. Unfortunately, this SIM/UICC mechanism typically is limited to use with a single network operator.
Thus, a problem in many computing contexts today, like the situation described above with mobile communications devices, is that the computing devices often are limited to being “owned” in the entirety of the device by a single entity. And in many cases, that ownership must be established at the time of purchase of a device by a user, preventing business models in which it may be desirable to establish ownership at a later time. Furthermore, these limitations prevent use of the devices in situations in which it may be desirable for multiple ownership of a number of mutually isolated portions of the device to exist, or for ownership to be transitioned to other entities from time to time. For example, in the case of a wireless mobile communication device, such as a mobile telephone, users are typically required to subscribe to the services of a particular mobile network operator at the time of purchase, and such devices are often prevented from being used in applications where the mobile network operator may only be known some time after the purchase of the wireless device. Also, it is typically not possible for such devices to provide access to multiple operator networks at one time. Updating or changing mobile network and service subscriptions can be difficult, and doing so over-the-air is usually not possible.
Also, particularly in the context of wireless mobile communications devices, although the SIM/UICC mechanism is generally considered to be highly secure, the security is not linked strongly to security properties of the whole device on which it resides. This limits the application of scaling security concepts for advanced services and applications such as mobile financial transactions. In particular, these shortcomings are relevant for autonomous devices, such as, machine-to-machine (M2M) communication devices.
Accordingly, a more dynamic and secure solution is desirable.